<?php
/**
 * this class handles the authorization of privileges of given person
 * @author 		simon ungerboeck <ungerboeck_simon@hotmail.com>
 * @version		1.0
 */

class Authorization{
	private $personId;
	private $privList = array();
	public function __construct($personId){
		$this->personId = $personId;
		$this->loadPrivileges();
	}
	
	/**
	 * loads all privileges for person in priv list array
	 */
	private function loadPrivileges(){
		$sql = 'select p.name as NAME from ' . DB_CORE . '.role r join ';
		$sql .= DB_CORE . '.role_privilege rp on r.role_id = rp.role_id join ';
		$sql .= DB_CORE . '.privilege p on rp.privilege_id = p.privilege_id join ';
		$sql .= DB_CORE . '.person_role pr on r.role_id = pr.role_id ';
		$sql .= 'where pr.person_id=? and r.application_id=? and p.application_id=?';
		$params = array(
			$this->personId,
			APPLICATION_ID,
			APPLICATION_ID
			);
		
		$sqlObj = Sql_Object::getInstance();
		$sqlObj->connect();
		$sqlObj->execute($sql, $params);
		while (($row = $sqlObj->fetch()) != null)
			array_push($this->privList, $row['NAME']);
		$sqlObj->disconnect();
	}
	
	
	/**
	 * checks if user has all given privileges
	 * @param		array		$privileges
	 * @return		bool		$hasPrivs
	 */
	public function checkPrivileges($privileges){
		$hasPrivs = false;
		$checkedPrivCount = 0;
		$count = count($privileges);
		
		foreach ($privileges as $checkPrivName){
			foreach($this->privList as $privName){
				if ($checkPrivName == $privName)
					$checkedPrivCount++;
			}
		}
	
		if ($checkedPrivCount == $count)
			$hasPrivs = true;
			
		return $hasPrivs;
	}
}
?>